<?php include "header.php" ?>
	<?php 
		$emp_id = "";
		
		if (isset($_SESSION["emp_id"])) {  //Already logged in as an employee.
			echo "You are already logged in as an employee. Please logout first.";
			require "footer.php";
			die();
		}
		else if (isset($_SESSION["email"])) { //Already logged in as a user.
			echo "You are logged in as a user. Please logout first.";
			require "footer.php";
			die();
		}
		else { //Not logged in.
			if (isset($_POST["emp_id"]) && isset($_POST["password"])) {
				$query = "SELECT access_level FROM employee WHERE ID = '" . $_POST["emp_id"] . "' AND password='" . $_POST["password"] . "'";
				if ($result = mysqli_query($con, $query)) {
					if (mysqli_num_rows($result) > 0) {
						while ($row = mysqli_fetch_array($result)) {
							if ($row["access_level"] == "manager")
								$_SESSION["man_id"] = $_POST["emp_id"];
							$_SESSION["emp_id"] = $_POST["emp_id"];
						}
						header("location:employeeHome.php");
					}
				}
			}
		}
	?>
	
		<!-- Simple login form -->
		<h2>Employee Login</h2>
		<form method="post" action="<?php echo htmlspecialchars($_SERVER["REQUEST_URI"]);?>">
			Employee ID: <input type="text" name = "emp_id" value="<?php echo $emp_id; ?>"> <br>
			Password: <input type="password" name="password" value="">
			<input type="submit" name="submit" value="Submit">
		</form>
		<br><br><br>
		Or login as an employee: <a href="login.php">Customer Login</a>
		
<?php include "footer.php" ?>